CVE-2023-38524

Published: Aug 8, 2023Modified: Nov 21, 2024

2.0

Vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: productcert@siemens.com (Secondary)

Description

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain null pointer dereference while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.

Affected (6)

Products: Siemens: Parasolid, Teamcenter Visualization

Siemens

2 products

Parasolid

Teamcenter Visualization

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Siemens Parasolid	From 34.1 to 34.1.258
Siemens Parasolid	From 35.0 to 35.0.254
Siemens Parasolid	From 35.1 to 35.1.171
Siemens Teamcenter Visualization	From 14.1 to 14.1.0.11
Siemens Teamcenter Visualization	From 14.2 to 14.2.0.6
Siemens Teamcenter Visualization	From 14.3 to 14.3.0.3